That you can extract sensitive output values from terraform, you can terraform output $output_name
– see https://learn.hashicorp.com/tutorials/terraform/outputs#redact-sensitive-outputs
Also, sqlite provides a PRAGMA user_version=<number> to let applications store
and retrieve a versioning number.
See https://sqlite.org/pragma.html#pragma_user_version
About the terraform count meta-argument:
count = n to any resource-block to create n copies of the resource${count.index}to run terraform output $output_name to print a named output
aws policy documents can change the order of items within permissions arrays, but that’s safe to ignore:
aws_iam_policy_documentAlso, that & types take 8 bytes = 64 bits on 64-bit systems
use std::mem;
pub struct Foo {
bar: String, // 24
baz: usize, // 8
}
pub struct Quux<'a> {
foo: &'a Foo,
bar: usize,
}
fn main() {
println!("Foo: {}", mem::size_of::<Foo>()); // 32
println!("&Foo: {}", mem::size_of::<&Foo>()); // 8 -- a pointer?
println!("Quux: {}", mem::size_of::<Quux>()); // 16 -- a pointer + a usize!
println!("&Quux: {}", mem::size_of::<&Quux>()); // 8 -- another pointer
}
That there’s an official 1Password terraform provider: https://registry.terraform.io/providers/1Password/onepassword/latest/docs
That terraform plan -detailed-exitcode exists: 0 means no diff, 1 means error, 2 means a diff exists.
Also, that you can print the source code of a bash function like so:
print_fn_src() { declare -f "$1"; }
That you can list all addresses in terraform state by running
terraform state list
Docs at https://developer.hashicorp.com/terraform/cli/commands/state/list
Also, that compgen -v is a function, at least on Mac zsh.
Apparently in zsh compgen -v calls something like
for var_name in "${(k)parameters[@]}"; do
printf '%s\n' "$var_name"
done
which is the first time I’ve seen that kind of shell syntax.
It generates a bad substitution message in bash 3.2, so I can only assume it’s zsh-specific.
That the aws_ec2_tag
resource can be used to add tags to AWS RAM-shared VPCs and subnets:
This resource should only be used in cases where EC2 resources are created outside Terraform (e.g., AMIs), being shared via Resource Access Manager (RAM), or implicitly created by other means (e.g., Transit Gateway VPN Attachments).
Also, that
When the source of a module is a version control repository or archive file (generically, a “package”), the module itself may be in a sub-directory relative to the root of the package. A special double-slash syntax is interpreted by Terraform to indicate that the remaining path after that point is a sub-directory within the package. For example:
git::https://example.com/network.git//modules/vpc?ref=v1.2.0
that you can option+click to change your cursor’s location in iterm2 and mac’s terminal.app! H/t Vlad Grenkov for this one :)
As of Terraform 1.3, you can write
type = optional(real_type, default_value)
That you can specify an alternate .terraformrc file using the environment variable TF_CLI_CONFIG_FILE=$ABSOLUTE_PATH.
This can help with local provider development.
See https://developer.hashicorp.com/terraform/cli/config/environment-variables#tf_cli_config_file